Setting up Two-factor Authentication (2FA)

Knowledge base

Setting up Two-factor Authentication (2FA)

When you log in to Xeppo for the first time you will need to set up Two-Factor Authentication (or 2FA). Two-Factor Authentication (2FA), adds an additional layer to the authentication process, required to further enhance the security in accessing your account.

An Authenticator app is needed to set up 2FA. An authenticator app is usually a third-party software installed on your smartphone and automatically generates a passcode. Examples of authenticator apps include Google Authenticator, Microsoft Authenticator, Authy, Last Pass, and more.

2FA Setup

    1. Once you have successfully authenticated with your username and password, the page redirects to the "Mandated Two-factor Authentication (2FA)" page.

Verify or Setup 2FA

  1. On this page, you need to verify your first-factor, which is your password. Enter your password into the Password field.
  2. The next step requires to configure your second-factor. Your second factor is a verification code generated by your authenticator app.  To configure your second-factor, simply follow the instructions on-screen.

If you are unable to scan the QR code, then select the option to manually enter a generated key which you can enter into your authenticator app

If you need to add an Account Name please ensure you enter your Xeppo username in this field - your username is the email address assigned to your account

Recovery Codes

Once you have set up 2FA on your app, you will then be presented with 10 recovery codes. A recovery code is an eight-digit randomly generated access code to help you reset or regain access to your account in case your two-factor authentication app is no longer reachable.


How does the Recovery Code Work?

If you have authenticated with your username and password, but lost your 2FA device or deleted your Authentication app, you can use the code to log in with a recovery code.


It is important that you copy, and save these recovery codes in a safe place as these are just as critical as your password or 2FA. Once you're logged in, we recommend that you manage your 2FA account by resetting your authenticator app.

Each recovery code can only be used once and cannot be emailed to you again before resetting - so keep codes in a safe location

Was this article helpful?
5 out of 9 found this helpful



Article is closed for comments.